Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2880

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-2880
Last Modified 22 Dec 2009 12:00:00
Published 18 Dec 2009 02:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-2880

Summary

Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file.

Vulnerable Systems

Application

  • Cisco Webex 26.00

  • Cisco Webex 27.00


References

VUPEN - ADV-2009-3574

CISCO - 20091216 Multiple Cisco WebEx WRF Player Vulnerabilities

CONFIRM - http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

CONFIRM - http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

CONFIRM - http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

CONFIRM - http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

CONFIRM - http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

CONFIRM - http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

CONFIRM - http://tools.cisco.com/security/center/viewAlert.x?alertId=19499

XF - cisco-webex-wrf-bo(54841)

BID - 37352

OSVDB - 61130

MISC - http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atrpui.dos.html

MISC - http://www.fortiguard.com/advisory/FGA-2009-48.html

SECTRACK - 1023360

SECUNIA - 37810


Last Updated: 27 May 2016 10:51:03